Credential Stuffing Attempt
Informational
Open
ALR-00006 · 2026-07-06T10:09:14Z
Description
Credential stuffing attack detected against VPN gateway. 234 unique username/password combinations attempted. Flagged by Attack Surface Scanner.
Alert Metadata
Endpoint Information
MITRE ATT&CK Mapping
Investigation Timeline
10:09:14
Event ingested by SOC365 Engine
10:09:15
EmilyAI triage started — correlation enrichment
10:09:24
EmilyAI confidence: 97% — escalated to human analyst
10:09:39
Alert assigned to analyst: EmilyAI (auto)
10:11:50
Investigation started — querying SIEM and threat intelligence
Related Alerts
| ID | Time | Alert | Severity | Status | Host |
|---|---|---|---|---|---|
| ALR-00099 | 22h ago | Credential Stuffing Attempt | High | Escalated | VM-DEV-01 |
| ALR-00107 | 1d ago | Suspicious Scheduled Task | Informational | Open | WS-MAC-005 |
| ALR-00077 | 1d ago | Credential Stuffing Attempt | Medium | Open | WS-PC-003 |
| ALR-00046 | 1d ago | Credential Stuffing Attempt | Medium | Investigating | WS-LAP-012 |
| ALR-00355 | 1d ago | Credential Stuffing Attempt | Medium | Resolved | SRV-APP-01 |